September 6, 2013
“At what point do we just start calling these guys the Stasi,” asked a friend of mine over coffee today.
He was, of course, referring to the latest news out of the Guardian– the same British paper that published Edward Snowden’s original whistleblowing interview.
First the world learning that the NSA’s PRISM program monitors almost ALL Internet traffic, worldwide. Now the Guardian reports that the NSA and its British counterpart GCHQ have ‘cracked codes’ across the Internet that were once thought uncrackable.
Dropbox, for example, is a popular file storage and sharing tool that allows users to upload Gigabytes worth of files to their servers. And they claim that their security protocols encrypt the file transfers from end to end.
But the NSA claims to have cracked HTTPS and Secure Socket Layer protocols which encrypt digital communications.
And of course, it’s been leaked that Microsoft is firmly in bed with the NSA, providing the agency with backdoor access to users of Microsoft Outlook.
Perhaps this is what Lavabit CEO Ladar Levison meant when he said, “If you knew what I knew about e-mail, you might not use it.”
(Lavabit was a secure email provider that recently shut itself down rather than “become complicit in crimes against the American people.”)
I have to tell you, though, I’m deeply suspicious some of the NSA’s assertions.
They seem to be claiming that they have cracked nearly everything, and that they have backdoor access to privacy software. But this is practically impossible.
A lot of encryption software used today is actually ‘open source’. This means that the software code is freely available to anyone.
GNU Privacy Guard (GPG) is a great example. GPG is an open-source, free alternative version of Phil Zimmerman’s original PGP software. And it’s widely used to encrypt files and emails.
But because GPG is open-source, the software code is available for anyone to view, inspect, and modify. If there were any backdoor access for the NSA, thousands of people would see this.
Not to mention, to penetrate a single 2048-bit encryption key can take anywhere from thousands of years to tens of millions of years, even with the fastest supercomputers.
Consequently, it’s IMPOSSIBLE for the NSA to have cracked everything. And my assessment is that this is an intimidation campaign.
The NSA wants people to think that they have this capability.
And if everyone thinks that the NSA is Big Brother’s Big Brother, all-seeing and all-knowing, then not only will everyone be terrified, but everyone will simply stop using encryption.
After all, why bother going through the hassle of encrypting/decrypting if the NSA can still read the contents of your email?
It’s in the NSA’s interest for people to think that the agency is almighty. I don’t buy it. These people are seriously vile. But they don’t have superpowers.
When done properly, email encryption is still a good option. And there are a number of open-source tools out there to consider using.
You can read about several of them in our free report– How to Give the NSA the Finger. And for members of our premium service, Sovereign Man: Confidential, you’ll soon receive a step-by-step guide specifically for email encryption. More to follow on this.